Prev: Windows7 able to join Samba4-alpha12 domain, but unable to manage
Next: Is this possible?
From: Deyan Stoykov on 3 May 2010 02:50
Jörn Frenzel wrote:
> Dear all,
>
> we have a strange behavior using Samba (Verson 3.5.2) as PDC with Open
> LDAP (Version 2.1.22) as backend and an old Novell-Client (version: 4.91
> SP5) running on WinXP (SP3 and higher).
>
> The old PDC (Version 3.0.28) was running over years with the same
> LDAP-Server as backend and with Novell installed on the clients.
>
> We decided to migrate to Samba 3.5.2 , updated all the LDAP schemas
> according to Samba Version 3.5.2, setup an new 64Bit Ubuntu (10.4) and
> build the new Samba. Everything worked fine and the testclient (without
> Novell) could login without any trouble. But if i try to login on a
> Novell-Client (using nwgina.dll instead of msgina.dll), i'm forced to
> set a new password and this is what we don't want.
>
> Users LDAP-Values for "sambaPwdMustChange" are quite old, but the
> LDAP-Value "sambaMaxPwdAge" for the object "sambaDomain" itself is set
> to "-1". As far as i understand, this should ever cover the
> "old-passwords-problem" and in indeed msgina.dll does not claim about
> old pwds.
>
> But nwgina seems to act in a different way. As we noticed in the
> nwgina.log, it is first asking if username and password apply and then
> it is asking about the password age.
>
> We digged around in the code, looking for the point nwgina uses to ask
> about the password age. Unfortunately we found nothing.

Hi Jorn,

We're experiencing this as well. I believe it's caused by this bug:

https://bugzilla.samba.org/show_bug.cgi?id=7066

Regards,
Deyan

--
Deyan Stoykov, dstoykov(a)uni-ruse.bg
System administrator
University of Ruse

--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
From: Jörn Frenzel on 3 May 2010 07:40
> Hi Jorn,
>
> We're experiencing this as well. I believe it's caused by this bug:
>
> https://bugzilla.samba.org/show_bug.cgi?id=7066
>
> Regards,
> Deyan

Hi Deyan,

i don't think, that my problem has something in common with the bug you
mentioned. We are noticing this problem only with nwgina.dll. What about
you, do you use Novell?

As my colleague found out msgina uses the function "NetUserGetInfo" in
level 2, but nwgina uses this function in level 3.

http://msdn.microsoft.com/en-us/library/aa370654(VS.85).aspx

What i suggest is, that something in samba-versions higher than 3.0.28
changed handling this level 3 calls.

Any ideas?

Regards,

Jörn


--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
From: Deyan Stoykov on 4 May 2010 02:30
Jörn Frenzel wrote:
>> Hi Jorn,
>>
>> We're experiencing this as well. I believe it's caused by this bug:
>>
>> https://bugzilla.samba.org/show_bug.cgi?id=7066
>>
>> Regards,
>> Deyan
>
> Hi Deyan,
>
> i don't think, that my problem has something in common with the bug you
> mentioned. We are noticing this problem only with nwgina.dll. What about
> you, do you use Novell?

We have some workstations that login to either the NDS tree or the Samba
domain. We also have workstations without the novell client that are
used by users from a trusted domain. Both started experiencing the same
problem after upgrade to samba 3.4.4 and it's still here with 3.5.2.
Probably the way nwgina handles domain logins has something in common
with the way logins to a trusted domain are handled. I suggest you keep
a look at bug 7066.

Regards,
Deyan

--
Deyan Stoykov, dstoykov(a)uni-ruse.bg
System administrator
University of Ruse
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
 | 
Pages: 1
Prev: Windows7 able to join Samba4-alpha12 domain, but unable to manage
Next: Is this possible?